Information Security Advisory
ITS Security Office – BGSU  5/21/2010

Fraudulent phishing email from Webmaster requesting personal information. Do not click on links and delete immediately!

Systems Affected
All BGSU email users.

Overview
There are recent reports regarding a phishing email that includes the following text:

To: Email User
Subject: Maintenance Notification..
ATTENTION.
We have been notified that alot of fraudulent mails have been sent to our servers.
For security reasons,We are carrying out a maintenance which will require your furnishing us with the following details:
Login Username:
Login password: **************
You might not be able to send or receive mails if you do not send your details.
Best Regards
Webmaster

Do not click on any of the included links and delete immediately!

Impact
This can lead to loss of private information and unauthorized access to BGSU email account.

Reminder
At no time will the Office of the CIO, Information Technology Services (ITS) or the Technology Support Center (TSC) ask for your username/password in this form or with an email message.

DISCLAIMER:   Information Security Advisories and related resources provide technical and administrative advice to protect sensitive information on the University network and to help BGSU comply with regulations pertaining to information security.  Failure to comply with these advisories may directly or indirectly increase the risk of exposure or compromise of sensitive University information.  These advisories and resources do not provide legal advice – contact the BGSU Office of General Counsel or other appropriate legal advisor for interpretations of regulations.